‘Privacy is not for the passive’
The quote in the title of this article is from Jeffrey Rosen, the American Information Security expert, reminds us of the dangers of complacency.
It’s so easy to assume our information is safe, isn’t it? Yet, as we point out in our Information Security training course, (here), a government survey last year reported 80% of organisations experienced a breach in their security and it cost an average £600,000 per year.
The news regularly features incidents where information is compromised because of complacency doesn’t it? Stories of laptops left on trains, spreadsheets dumped into skips without being shredded, teenage hackers getting into poorly defended databases.
Our Information Security course addresses the issues which underpin effective security and risk management. It’s ideal for training a workforce in best practice because it not only improves awareness of security measures to protect information, it identifies potential risks and ways to respond and report breaches in security, exactly what you need from eLearning software.
It’s a course we all need. After all, computers, laptops and mobile devices are part of everyday life. But information can be breached by inappropriate phone conversations and careless handling of sensitive documentation as well. It’s only when you work through the course that you realise how easily information security can be compromised.
Government Recommendations & Legislation
The government emphasize the importance of such training, their website recommends training should be provided in every organisation, particularly for the following roles:
• The Senior Information Risk Owner (SIRO) – the person with ultimate responsibility for information security
• The Accreditor – a “hands on” role responsible for identifying risks and suggesting mitigating measures and carrying out risk assessments
• The Information Asset Owner – who is responsible within any given project for the management of information (who accesses it, stores it, edits it etc.)
• The Communications Electronics Security Group – they provide the technical support and run annual IT Health Checks which form part of the assurance process.
These roles have a direct link to the legislation surrounding information security, such as:
• The Data Protection Act 1988 where everyone is responsible for using data and must follow strict rules called ‘data protection principles’
• The Freedom of Information Act 2000 which makes provision for the disclosure of information held by public authorities or by persons providing services for them
• ISO Standards (such as 27001) is for all organisations (large or small) and covers all sectors, including charities and the voluntary sector. The standard applies to organisations who wish to assess and prevent information security risks
• Payment Card Industry Data Security Standard and applies to merchants of all sizes, financial institutions, point-of-sale vendors, and hardware and software developers who create and operate the global infrastructure for processing payments.
What are the costs?
For an organisation with fewer than 20 employees, the cost of this particular piece of eLearning software is just £20 per person. (For only £1,950 you can buy 5 of our compliance courses and use them with up to 100 employees AND get an annual licence for our authoring tool and LMS so you can brand the courses and enrol/monitor usage).
Don't forget our courses offer learners the opportunity to receive accreditation for their training via The CPD Certification Service. More details are available here
Further information is available here
Want to see more of our compliance courses? Click here